Category: Debian Local Security Checks
Title: Debian Security Advisory DSA 919-2 (curl)
Summary: Debian Security Advisory DSA 919-2 (curl)
The remote host is missing an update to curl
announced via advisory DSA 919-2.
The upstream developer of curl, a multi-protocol file transfer
library, informed us that the former correction to several off-by-one
errors is not sufficient. For completeness, please find the original
bug description below:
Stefan Esser discovered several off-by-one errors that allow
local users to trigger a buffer overflow and cause a denial of
service or bypass PHP security restrictions via certain URLs.
For the old stable distribution (woody) these problems have been fixed in
For the stable distribution (sarge) these problems have been fixed in
For the unstable distribution (sid) these problems have been fixed in
We recommend that you upgrade your libcurl packages.
BugTraq ID: 15756
Common Vulnerability Exposure (CVE) ID: CVE-2005-4077
Bugtraq: 20051207 Advisory 24/2005: libcurl URL parsing vulnerability
Debian Security Information: DSA-919
SCO Security Bulletin: SCOSA-2006.16
Cert/CC Advisory: TA06-132A
BugTraq ID: 17951
Copyright: Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com